Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2019-2001
HistoryFeb 28, 2019 - 12:00 a.m.

CVE-2019-2001

2019-02-2800:00:00
ubuntu.com
ubuntu.com
11

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

The permissions on /proc/iomem were world-readable. This could lead to
local information disclosure with no additional execution privileges
needed. User interaction is not needed for exploitation. Product: Android.
Versions: Android kernel. Android ID: A-117422211.

Notes

Author Note
tyhicks This is the same issue as CVE-2015-8944
OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchlinux<ย 3.13.0-125.174UNKNOWN
ubuntu16.04noarchlinux<ย 4.4.0-87.110UNKNOWN
ubuntu16.04noarchlinux-aws<ย 4.4.0-1026.35UNKNOWN
ubuntu14.04noarchlinux-lts-xenial<ย 4.4.0-87.110~14.04.1UNKNOWN
ubuntu16.04noarchlinux-raspi2<ย 4.4.0-1065.73UNKNOWN
ubuntu16.04noarchlinux-snapdragon<ย 4.4.0-1067.72UNKNOWN

Related

prion 2
cve 2
debiancve 1
ubuntucve 1
nessus 6
ubuntu 5
openvas 7
cloudfoundry 1
androidsecurity 1
prion
prion
Information disclosure
2016-08-06 10:59:00
Information disclosure
2019-02-28 17:29:00
cve
cve
CVE-2015-8944
2016-08-06 10:59:00
CVE-2019-2001
2019-02-28 17:29:00
debiancve
debiancve
CVE-2015-8944
2016-08-06 10:59:00
ubuntucve
ubuntucve
CVE-2015-8944
2016-08-06 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3364-2)
2017-07-25 00:00:00
Ubuntu 16.04 LTS : Linux kernel (AWS, GKE) vulnerabilities (USN-3364-3)
2017-07-26 00:00:00
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3364-1)
2017-07-25 00:00:00
ubuntu
ubuntu
Linux kernel (Xenial HWE) vulnerabilities
2017-07-24 00:00:00
Linux kernel (AWS, GKE) vulnerabilities
2017-07-25 00:00:00
Linux kernel vulnerabilities
2017-07-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3364-2)
2017-07-25 00:00:00
Ubuntu: Security Advisory (USN-3364-3)
2017-07-26 00:00:00
Ubuntu: Security Advisory (USN-3364-1)
2017-07-25 00:00:00
cloudfoundry
cloudfoundry
USN-3364-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2017-08-04 00:00:00
androidsecurity
androidsecurity
Android Security Bulletinโ€”August 2016
2016-08-01 00:00:00

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON
Related for UB:CVE-2019-2001
prion2cve2debiancve1ubuntucve1nessus6ubuntu5openvas7cloudfoundry1androidsecurity1